Raytheon [RTN] has received a two-year, $3.5 million contract from the Defense Advanced Research Projects Agency (DARPA) to improve the ability of existing technologies to quickly detect insider threats amid large amounts of data at end-points within organizations.
Under DARPA’s Anomaly Detection at Multiple Scales (ADAMS) program, Raytheon researchers will use the company’s SureView endpoint audit and investigation solution to detect anomalous behavior by people working on their computers in an organization. One goal of the project is to be able to more quickly detect malicious actions than current capabilities allow.
“This project will provide unprecedented understanding of the insider threat at a time when the U.S. government is mandating that agencies implement automated insider threat detection capabilities to protect their classified information systems,” Steve Hawkins, vice president of Raytheon’s Intelligence and Information Systems’ Information Security Solutions business, said in a statement. “The ADAMS program will ensure that operationally proven tools such as SureView can be further enhanced to keep pace with the ever-evolving nature of the insider threat and allow analysts to better identify precursor behaviors before damaging incidents occur.”
ADAMS will also leverage much larger data sets than previous research programs and use data form large computer end-user populations observed in live, operational environments.